The Privacy Act sets out the information that it protects.
Personal information generally means information or an opinion about a person, where the person is identified or is reasonably identifiable.
Sensitive information means a person’s health information, genetic information, certain biometric information and biometric templates. It also means certain personal information, being an opinion about a person’s:
racial or ethnic origin;
membership of a political association;
religious beliefs or affiliations;
membership of a professional or trade association;
membership of a trade union;
sexual orientation or practices;
or criminal record
Personal information collected and held
The Financial Wellness Group only collects and holds personal information that is relevant to, and reasonably necessary for, the financial and other services we provide to you. In addition, we only collect sensitive information if you consent, or in specific circumstances set down in the Australian Privacy Principles.
The kind of information we will be likely to collect and hold includes your name, address and contact details, tax file number, personal medical information, your date of birth and details about your financial circumstances, goals and strategies.
Consequences of not providing your personal information
You are not obliged to give us your personal information. However, if you decide not to give us information needed in order to provide you with services, we may not be able to provide those services to you.
How your personal information is collected and held
The Financial Wellness Group must collect personal information only by lawful and fair means. We will usually only collect your personal information directly from you, for example, in discussion with you or via email. We may collect your personal information from another person if you consent, if we are required or allowed by law to do so, or if it would be unreasonable or impracticable for us to have to collect it from you.
For example, it may be necessary to collect personal details from third parties, such as issuers or operators of financial products or financial services. However, we will endeavour to collect such information directly from you wherever practicable.
When we collect personal information about you, we will tell you why it is being collected, the organisations, or the types of organisations, to whom we usually disclose that kind of information, any law that requires the information to be collected, and the main consequences for you if the information (or part of the information) is not provided. We will also give you our contact details and tell you about how you can access the information.
The Financial Wellness Group utilises a web based client relationship management tool called Microsoft Dynamics 365 that stores its data in Australia. In addition, The Financial Wellness Group uses the Microsoft Office 365 operating system, and the cloud computing service Microsoft Azure. Portions of your data may be stored through these systems.
Your adviser may disclose your personal information to overseas recipients in order to access services they provide, such as paraplanning and administration. If this is the case, your Adviser or their Principal Practice will provide you with details, including the relevant countries. If you consent to this overseas disclosure, it is on the basis that The Financial Wellness Group has not checked that the overseas recipient complies with the Privacy Act but rather, this due diligence has been undertaken by the Principal Practice.
How your personal information is used
Personal information is collected and held so that The Financial Wellness Group and your Adviser can provide you with services you request. This is known as the “primary purpose” for collecting and holding personal information.
We cannot use or disclose your personal information for any secondary purposes unless certain circumstances apply.
We can use or disclose personal information for a secondary purpose where you give us your consent to do so, or where:
the secondary purpose is related to the primary purpose (where the information is sensitive information, it must be directly related to the primary purpose); and
you would reasonably expect us to use or disclose the information for the secondary purpose.
The types of secondary purposes for which we would ordinarily use or disclose your personal information include contacting you regarding other services that we believe may be of interest to you.
We may also use or disclose information where such use or disclosure is permitted by the Australian Privacy Principles. For example, where reasonably necessary to deal with unlawful activity or serious threats to life, health or safety.
Some primary and secondary purposes will require disclosure of your personal information to third parties. Some examples of when this would be required include for the purpose of providing you with services. The likely recipients would be the issuers or operators of financial products or financial services and providers of office and related services to us. We will require that any third parties to whom we disclose personal information will only use that information for the purposes for which we disclosed it to them and on the basis that they will comply with their privacy obligations.
If The Financial Wellness Group moves to another Australian Financial Services Licensee (AFSL), Fortnum may provide your personal information to the other AFSL to enable The Financial Wellness Group to continue providing you with services. Similarly, if The Financial Wellness Group sells their business to another financial adviser or AFSL Fortnum may provide your personal information to them to enable them to provide you with services. In the event of either of these things occurring, FPW will notify you in advance and you will have the ability to opt out of this transition.
Data quality and protection
The Financial Wellness Group will take reasonable steps:
to make sure all personal information we collect is accurate, complete and up-to-date at all times; and
to make sure all personal information we use or disclose is (having regard to the purpose of the use or disclosure) accurate, complete up-to-date and relevant at all times.
We will also take reasonable steps to protect your personal information from misuse, interference and loss, and from unauthorised access, modification and disclosure. Once your personal information is no longer required by us, we will take reasonable steps to destroy or permanently de-identify that personal information, except in circumstances where we are required by law to retain it.
Access and correction
If you think the personal information The Financial Wellness Group holds about you is not accurate, complete or up-to-date, you should let us know. Also, please let us know any relevant changes to your personal circumstances as soon as possible.
We will take reasonable steps to correct information where you provide sufficient evidence or we are otherwise satisfied, having regard for the purpose for which the information is held, that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading. We will also notify the correction to other parties to whom we have previously disclosed the information and if such a party refuses to make a correction, we will notify you of that refusal and how you can make a complaint.
If you require access to personal information we hold about you, please send us an email to firstname.lastname@example.org We will generally allow access, unless certain exceptions apply under the Australian Privacy Principles – for example, if we reasonably consider providing access would pose a serious threat to the life, health or safety of any person, or providing access would be likely to prejudice action being taken by an enforcement body, or providing access would be unlawful.
Your request should specify the information to which you require access or which you wish to be corrected. We will keep a record of your request for and the manner in which it was dealt with.
We will not charge you for requesting access to, or correction of, your personal information. We may, however, charge you the costs associated with meeting your request for access, for example photocopying and postage costs.
We are required to respond to your request for access or correction within a reasonable period, but will aim to do so within 2 business days, of receipt of your request.
We will provide you with access in the manner you request, if it is reasonable and practicable to do so.
If we cannot meet your request for access or correction, we will notify you by email and where reasonable we will give you our reason and take steps to provide you with access. We will also tell you about how you can complain about our decision.
You can contact us anonymously or by using a pseudonym. However, being unable to identify you will limit the services The Financial Wellness Group can provide you and there may be specific cases where we are prevented by law from dealing with you unless we identify you.
Should a data breach occur, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) of the data breaches that are likely to result in serious harm within 30 days of the breach event.
The factors which might contribute to a reasonable person thinking “serious harm” might have occurred include:
The sensitivity of the information;
Whether the information was encrypted;
Whether the information was in a secure file;
How likely it is that the security could be breached; or
The identity of the person who obtained the information, whether they intend to cause harm to the affected person and the nature of the harm.
Complaints and further information
If you would like further information about how we handle your personal information, please send us an email to email@example.com.
If you wish to make a complaint in relation to privacy, including a breach of the Australian Privacy Principles, please put your concerns in writing firstname.lastname@example.org
The Financial Wellness Group will investigate your complaint and respond to your concerns as quickly as possible and within 45 days.
This policy will be reviewed at least annually.
As at 6th March 2019